Secure-storage vendor CTERA Networks has dipped into the arsenal of military encryption and access-control methods to target its on-premises and public cloud storage to high-end organisations for whom conventional methods of authentication are proving to be inadequate.

Designed specifically for the US Department of Defense (DoD), CTERA's new 'mutual authentication' technology was designed to offer additional layers of protection above and beyond conventional integration with Microsoft Active Directory servers.

Although widely used, the Active Directory approach was proving deficient in high-security environments because compromised passwords, access codes or mobile phones could still allow unauthorised users to navigate access controls to get onto a sensitive network.

The goal “is to provide the most secure solution for enterprises in cases where they don't even trust their own internal users,” Denworth explained, noting that the solution was positioned at “material organisations like banking, healthcare and critical infrastructure”.

“Once they decide they need something for security that is appropriate for finance or HR, solutions like this become much more appropriate,” he continued.

“We have secured government customer wins where those organisations are looking for ways to modernise file access and data protection.”

The EFSP platform offers a distributed file system that can be deployed as an on-premises solution or via public-cloud services like Amazon Web Services (AWS), depending on what data is being stored and what level of protection the user wants to enforce over it.

Seamless, incremental backup processes with 256-bit encryption of data at rest and user-controlled encryption keys had combined to keep control over file storage in the user’s hands, with the company – which this month launched updates including CAC support and an overhauled mobile app for file access – positioning its technology as a more tightly-controlled alternative to popular public-cloud services such as Box, Dropbox, and Microsoft OneDrive.

The popularity of those services meant that most small and medium businesses “will embrace SaaS storage services as good enough,” Denworth said. “If your organisation only has a few hundred users in total and you're not regulated, there's a good chance that we will never talk to you.”
Rather than users authenticating to a SaaS service which in turn manages all file access on their behalf, the design of EFSP allowed users to effectively authenticate users all the way through to individual resources – providing direct access to sensitive content with full logging, auditing and access-rights control.

“If I'm deploying in AWS, I can achieve nearly the same security criteria that I would in my own data centre and my files will never get accessed by a third party,” Denworth said. “However, if I'm deploying SaaS based solutions there is no way that I could ever achieve the same level of isolation and data security as I would have if I deployed a fully dedicated solution.”

While he couldn't name customers yet, ongoing deployments with several Australian government agencies confirmed recognition of the value of tighter control over file-storage assets. “We don't think of files as something that just lives on a mobile device or just lives on a desktop or on an office file server,” he said.

“Users don't really care about access method; they just care about their data, and want to be able to access it from any device, at any time. And when they get Cryptolocker or lose a file, they want to be able to recover it from any device, at any time.”

Latest Videos

Hear from Invictus Games Sydney 2019 CEO, Patrick Kidd OBE and Head of Technology, @James-d-smith -share their insights on how they partnered with Unisys to protect critical data over an open, public WiFi solution.

With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.

According to new research conducted by the Ponemon Institute, Australia and New Zealand have the highest levels of data breaches out of the nine countries investigated. This was linked to heavy investment in security detection and an under-investment in security and vulnerability response capabilities

Copyright 2019 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.